Security News

The US Cybersecurity and Infrastructure Security Agency has warned admins to patch a set of severe security flaws dubbed ICMAD and impacting SAP business apps using Internet Communication Manager. Yesterday, Onapsis Research Labs who found and reported CVE-2022-22536, one of the three ICMAD bugs and the one rated as a maximum severity issue, also cautioned SAP customers to patch them immediately.

SAP has identified 32 apps that are affected by CVE-2021-44228 - the critical vulnerability in the Apache Log4j Java-based logging library that's been under active attack since last week. Thomas Fritsch, an SAP security researcher at enterprise security firm Onapsis, said in his SAP Patch Tuesday writeup that the number of HotNews Notes may seem high, but one of them - #3089831, tagged with a CVSS score of 9.9 - was initially released on SAP's September 2021 Patch Tuesday.

SAP is leading this HR transformation with its human capital management solution, SAP SuccessFactors. With perimeter-based security no longer effective, you need a solution that understands SuccessFactors and can secure it regardless of how people are connecting and the data involved.

"HotNews" is the severity rating that SAP gives to critical vulnerabilities. Given the nine critical patches, Fritsch dubbed last month's light SAP Patch Tuesday the "Calm before the storm." In fact, he said, Tuesday's raft of patches have earned August the dubious honor of being "The most noteworthy SAP Patch Day this year" for customers, he wrote.

German enterprise software giant SAP has released 19 new and updated security notes, including for nine new vulnerabilities that have been rated critical or high severity. One of the critical vulnerabilities is CVE-2021-33698, an unrestricted file upload issue affecting SAP Business One.

U.S. adoption of SAP S/4HANA has rebounded after slowing for most of 2020 as the COVID-19 pandemic stalled digital transformations, according to a report published by Information Services Group. The report for the U.S. finds S/4HANA, the enterprise resource planning system running on SAP HANA, is evolving to better meet enterprise business needs with artificial intelligence, analytics and an interactive interface.

Many SAP customers have a false sense of security, according to a new report from risk management consultancy Turnkey Consulting and business-critical application security firm Onapsis. The SAP Security Survey Report 2021 is based on information from over 100 SAP customers in the United States, Europe and Asia.

Many application owners are unaware of how vulnerable their SAP applications may be, significantly increasing the risks to their core enterprise systems. This is the overall conclusion of a...

The Tricentis, Capgemini and Sogeti report explores current SAP adoption and implementation trends, and organizations' preparedness to deal with the challenges emerging from the changing SAP landscape. "SAP's ERP system acts as the backbone of business processes across departments for organizations globally. While businesses continue to benefit from it, the overall SAP environment has undergone rapid disruption in recent years," said Wolfgang Platz, Chief Strategy Officer at Tricentis.

SAP announced its financial results for the second quarter ended June 30, 2021. "We're seeing strong adoption of our cloud portfolio as customers select SAP for their business transformation. Our strategy is working; This is the third straight quarter of strong execution, and we continue to deliver unparalleled customer value through the strength of our platform and applications," said Christian Klein, CEO. "This has been another strong quarter with accelerating growth for SAP's cloud portfolio. We saw excellent customer momentum and adoption and are raising our outlook for revenue and profit," said Luka Mucic, CFO. Business update second quarter 2021.